Skip to content

[CAMEL-22557] AS2: Fix configuration isolation and enable port sharing for inbound routes #19649

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 16 commits into from
Closed

[CAMEL-22557] AS2: Fix configuration isolation and enable port sharing for inbound routes #19649

wants to merge 16 commits into from
+726 −121

Conversation

@brunovg
Copy link
Contributor

@brunovg brunovg commented Oct 21, 2025

Description

This Pull Request addresses a major architectural limitation in the camel-as2 component where multiple inbound AS2 Consumers (routes) could not share the same port number.

The previous architecture led to two primary issues:

Port Binding Failure: The second route attempting to start would fail with an "Address already in use" error.

Configuration Collision: Even if the port binding was bypassed, encrypted messages failed with a NullPointerException or AS2DecryptionException because the shared server connection's cryptographic keys were overwritten or set to null and could not be retrieved by the correct Consumer.

CAMEL-22557: camel-as2 - Server-side DecryptingPrivateKey Conflict: Key from first route started is enforced for all subsequent routes on the same serverPortNumber

@Croway
Copy link
Contributor

Croway commented Oct 21, 2025

Thanks for the contribution @brunovg , could you add a test that shows this improvement?

@github-actions
Copy link
Contributor

🌟 Thank you for your contribution to the Apache Camel project! 🌟

🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

  • First-time contributors require MANUAL approval for the GitHub Actions to run

  • You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot.

  • You can label PRs using build-all, build-dependents, skip-tests and test-dependents to fine-tune the checks executed by this PR.

  • Build and test logs are available in the Summary page. Only Apache Camel committers have access to the summary.

  • ⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

@claudio4j
Copy link
Contributor

Thanks for the contribution!
Specifically the tests for the new parameter requestUriPattern are important and thise use case to have different decryptingPrivateKey for the servers listening on the same port.
I ran mvn -ntp verify -f components/camel-as2/ and there are many failures, try mvn install -Psourcecheck -DskipTests -f components/camel-as2/ also.
These changes should go first to main branch, then after merge to backport to the 4.10 and 4.14 branches.
I'm going to review the design changes.

orpiske
orpiske requested changes Oct 22, 2025
View reviewed changes
Copy link
Contributor

@orpiske orpiske left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, it looks like a great feature improvement! There's a few things that need to be adjusted, though (including tests, as reported).

@claudio4j
Copy link
Contributor

The CI reports failures for the camel-catalog and endpointdsl, you can regenerate the as2 files with mvn install -DskipTests -pl :camel-endpointdsl,:camel-catalog

@davsclaus davsclaus force-pushed the feature/as2-port-sharing-fix branch from 79580ca to 41a76dd Compare October 23, 2025 15:42
@davsclaus davsclaus force-pushed the feature/as2-port-sharing-fix branch from 41a76dd to 4014d98 Compare October 24, 2025 13:10
@brunovg
Initialize AS2ServerConnection in AS2ConnectionHelper using the actua…
660e170 
…l AS2 configuration fields instead of null to prevent existing unit tests from failing.
@brunovg
Initialize AS2ServerConnection in AS2ConnectionHelper using the actua…
eb4b3ee 
…l AS2 configuration fields instead of null to prevent existing unit tests from failing.
@brunovg
Revert "Initialize AS2ServerConnection in AS2ConnectionHelper using t…
6e82b26 
…he actual AS2 configuration fields instead of null to prevent existing unit tests from failing."

This reverts commit eb4b3ee, reversing
changes made to 660e170.
@brunovg
AS2 unit tests with two consumers
ff95019
@brunovg
using the right signing private key on createReceivedContentMic method
dfd89e3
@davsclaus
Copy link
Contributor

Can you update the PR with these files

	modified:   components/camel-as2/camel-as2-component/src/test/java/org/apache/camel/component/as2/AS2ServerTwoConsumerBase.java
	modified:   components/camel-as2/camel-as2-component/src/test/java/org/apache/camel/component/as2/AS2ServerTwoConsumerSecEncryptedIT.java

The build is reformatting the code. And because of that the CI build fails

@davsclaus
Copy link
Contributor

Are you able to update those 2 source files, so we can continue this PR and this will also allow CI to test the code

@brunovg
Copy link
Contributor Author

brunovg commented Oct 29, 2025

Are you able to update those 2 source files, so we can continue this PR and this will also allow CI to test the code

The new unit test class that I uploaded is not working yet.
I uploaded so that @claudio4j could take a look on it.

For some reason, the fix I submitted, doesn't work on the unit tests.
I'm still working on an alternative fix.

@brunovg
Introduce AS2ConsumerConfigInterceptor and ThreadLocal state to enabl…
acb3930 
…e per-request security configuration lookups based on the request path, supporting multiple AS2 consumer endpoints with distinct keys/certs.
@brunovg brunovg requested a review from claudio4j October 29, 2025 18:29
claudio4j
claudio4j requested changes Oct 30, 2025
View reviewed changes
Copy link
Contributor

@claudio4j claudio4j left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's good to squash the commits and rebase to 4.10.x branch.
Also open a PR to the main and 4.14.x branch.

@davsclaus
Copy link
Contributor

It's good to squash the commits and rebase to 4.10.x branch. Also open a PR to the main and 4.14.x branch.

Frankly it would be best with a new PR against main branch only. Then its easier for everyone else to help test and review. And then afterwards we can then cherry-pick to LTS branches. And if something need manual code changes then ask for PRs against a specific branches.

This ensures that the code is always applied to main first and then go down when applicable.

@davsclaus
Copy link
Contributor

Would be awesome if you are able to send a PR for main branch today as then its a chance to get into 4.16.0, which makes it easier for you and everyone else to test and use and report issues that allows us to fix this in upcoming releases, and help ensure that backports to LTS branches are worth "any risk".

@brunovg
Copy link
Contributor Author

brunovg commented Oct 30, 2025

PR on main branch: #19768

@brunovg brunovg closed this Oct 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claudio4j claudio4j claudio4j requested changes

@davsclaus davsclaus davsclaus approved these changes

@orpiske orpiske orpiske approved these changes

Assignees

No one assigned

Labels

camel-4 components core-build-and-dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@brunovg @Croway @claudio4j @davsclaus @orpiske